Jump to content

June 2023 Update (KB5027231) prevents Google Chrome from displaying

codesmithery
 Share
Go to solution Solved by Arthi,

Recommended Posts

prcuaIT

prcuaIT

Posted
Posted
2 minutes ago, Iadcr said:

Is there any workaround for the Nebula Agents until a patch is released? Thanks!

FYI, As I posted above, rolling back the Windows update worked for me, while helping a client.  I tried to login to the normal MB endpoint cloud to see if I could turn off MB for Chrome, but could not get past the "Now you must use Nebula" popup.  I could see the Endpoint dashboard behind the popup, but the Nebula login popup always responded with "your session has timed" out when I attempted to log in.  Was glad that the Win Update rollback worked. 

Link to post
Share on other sites
Iadcr

Iadcr

Posted
Posted
8 minutes ago, prcuaIT said:

FYI, As I posted above, rolling back the Windows update worked for me, while helping a client.  I tried to login to the normal MB endpoint cloud to see if I could turn off MB for Chrome, but could not get past the "Now you must use Nebula" popup.  I could see the Endpoint dashboard behind the popup, but the Nebula login popup always responded with "your session has timed" out when I attempted to log in.  Was glad that the Win Update rollback worked. 

Thanks I'll have to resort to that tonight after hours if a patch is not released today.

  • Like 1
Link to post
Share on other sites
ac513

ac513

Posted
Posted

Interestingly, I am an admin of a university that is a Cisco Secure Endpoint shop. We're seeing this exact same behavior as well with the June 2023 cumulative updates, and my initial testing has narrowed it down to Secure Endpoint's "Exploit Prevention" engine being the common denominator causing the problem with Chrome not opening.

It seems like Malwarebytes' analogue exploit engine is the cause of this on yall's side, so there has to be more to this story.

The latest Windows update specifically reference possible issues with security applications. I don't know if it's coincidence or relevant, though.

https://support.microsoft.com/en-us/topic/june-13-2023-kb5027231-os-build-22621-1848-8f903600-1293-4431-9c6b-736a4049666c

Quote

  • This update addresses a known issue that affects 32-bit apps that are large address aware and use the CopyFile API. You might have issues when you save, copy, or attach files. If you use some commercial or enterprise security software that uses extended file attributes, this issue will likely affect you. For Microsoft Office apps, this issue only affects the 32-bit versions. You might receive the error, "Document not saved." 

 

  • Like 1
Link to post
Share on other sites
prcuaIT

prcuaIT

Posted
Posted
43 minutes ago, ac513 said:

Interestingly, I am an admin of a university that is a Cisco Secure Endpoint shop. We're seeing this exact same behavior as well with the June 2023 cumulative updates, and my initial testing has narrowed it down to Secure Endpoint's "Exploit Prevention" engine being the common denominator causing the problem with Chrome not opening....

 

Thanks for that extra information and perspective.

Link to post
Share on other sites
khawker

khawker

Posted
Posted

It is not issue in Malwarebytes only.
We had this issue while using ESET Protect.
Basically, you cannot open chrome after update IF you have any other chromium based browser (so edge as well) set as your default browser.
Using chrome or something like firefox as default fixes issue.

  • Like 2
Link to post
Share on other sites
Iadcr

Iadcr

Posted
Posted

I just read this on the support page:

Quote

Resolution

To mitigate this issue and prevent Google Chrome from crashing, we've applied an update which disabled Google Chrome as a protected application in your policy settings. Once this issue is resolved, Google Chrome will be added back as a protected application in your policy settings.

Is this saying that chrome is vulnerable to attack right now for all of my clients!? This would be unacceptable to shut down protection for all of my clients who use Chrome when the small % who are affected could just use Edge safely temporarily. Please let me know if I'm misunderstanding this. 

  • Haha 1
Link to post
Share on other sites
  • Staff
H4V0C

H4V0C

Posted
  • Staff
Posted (edited)
23 hours ago, AdamFineLine said:

I hope a patch is pushed out by Malwarebytes as soon as possible, our phones have been ringing off the hook all morning with customers calling about not being able to open Google Chrome which is a pretty big problem (considering it's one of the most important apps that a lot of people use because all their passwords and bookmarks are saved within).

We plan to push out an update today that will temporarily address this issue until we're able to fully resolve the conflict. We'll keep you posted as the day progresses. 

 

23 hours ago, mnbrightblade said:

When you come out with in update, will it automatically enable protection for Chrome again since we had to manually turn it off as a temporary fix?

We're still working out the details on this but, in order to get the fix out as soon as possible, we might not be able to re-enable exploit protection for Chrome automatically if it was manually turned off by the user. We're exploring options to see if there is a way to automate that. Worst case scenario, we may need to create a knowledge base article to guide users on re-enabling the protection and share the article or link directly to users. Edit for clarification - this pertains to our Malwarebytes consumer product.

Edited by H4V0C
clarification of product version
Link to post
Share on other sites
mnbrightblade

mnbrightblade

Posted
Posted
1 hour ago, H4V0C said:

We're still working out the details on this but, in order to get the fix out as soon as possible, we might not be able to re-enable exploit protection for Chrome automatically if it was manually turned off by the user. We're exploring options to see if there is a way to automate that. Worst case scenario, we may need to create a knowledge base article to guide users on re-enabling the protection and share the article or link directly to users. Edit for clarification - this pertains to our Malwarebytes consumer product.

Would you at least be able to put out an in app notification to enable once the permanent patch is in place?

Link to post
Share on other sites
  • Staff
H4V0C

H4V0C

Posted
  • Staff
Posted
2 minutes ago, mnbrightblade said:

Would you at least be able to put out an in app notification to enable once the permanent patch is in place?

Yes, as a last resort, if we cannot find a way to automatically re-enable protection, the fallback plan is to utilize an app notification that guides the user on how to re-enable their protection.

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
16 minutes ago, Iadcr said:

Crickets on my last post. So I can only assume the worst.

 

2 hours ago, Iadcr said:

Is this saying that chrome is vulnerable to attack right now for all of my clients!?

There are other layers of protection protecting users. This is just one layer being disabled.

Web protection, File exploit protection, malware, and ransomware protection. Also, if not already installed in Chrome, Browser Guard extension.

Link to post
Share on other sites
  • Staff
H4V0C

H4V0C

Posted
  • Staff
Posted (edited)

📣 UPDATE 📣

We have released the temporary fix to resolve conflicts with Chrome in Malwarebytes Premium. The temporary fix will automatically disable anti-exploit protection for Chrome as suggested in the knowledge base article we published yesterday. Again, this is only meant to be a temporary fix so that users are able to launch Chrome again. This patch will automatically roll out to users via Update package version 1.0.70914 when the product checks for updates - by default this check is performed on an hourly basis.

  • For devices that get this patch automatically, no further action will be required to restore anti-exploit protection for Chrome once we provide a better long-term fix.
  • For devices where anti-exploit was manually turned off (as instructed in the knowledge base article), no further action is required at this moment. Once the long-term fix is implemented, we'll know whether anti-exploit needs to be manually re-enabled for Chrome.

 

image.png.aa08e75866e66d64669c75750b134d28.png

Edited by tetonbob
  • Thanks 1
Link to post
Share on other sites
Porthos

Porthos

Posted
Posted (edited)
12 minutes ago, H4V0C said:

We have released the temporary fix to resolve conflicts with Chrome in Malwarebytes Premium.

Wil the fix be applied to the NON affected OS's as well? Just asking before the rest of the mob posts. 😉

Edited by Porthos
  • Like 2
Link to post
Share on other sites
shruiken15

shruiken15

Posted
Posted

So, if Exploit Protection for Chrome is currently turned off, does that mean that it is not secure to browse with Chrome at the moment? I am trying to understand the full scope of the issue, as my work is largely browser-dependent and I rely on being able to use Chrome securely.

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
47 minutes ago, shruiken15 said:

So, if Exploit Protection for Chrome is currently turned off, does that mean that it is not secure to browse with Chrome at the moment?

There are other layers of protection protecting users. This is just one layer being disabled.

Web protection, File exploit protection, malware, and ransomware protection. Also, if not already installed in Chrome, Browser Guard extension.

Link to post
Share on other sites
shruiken15

shruiken15

Posted
Posted
32 minutes ago, Porthos said:

There are other layers of protection protecting users. This is just one layer being disabled.

Web protection, File exploit protection, malware, and ransomware protection. Also, if not already installed in Chrome, Browser Guard extension.

I have Browser Guard installed as well as the rest of Malwarebyte's features. I just wanted to be sure that Chrome was still safe to use.

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
7 minutes ago, shruiken15 said:

I just wanted to be sure that Chrome was still safe to use.

If you have not done so, please make the following change in Malwarebytes to enable Defender to run alongside MB. Between what is still enabled in Malwarebytes, you should be fine.

image.png.e2aec9cfd1933fe8c146be24a8f78d44.png

 

Link to post
Share on other sites
shruiken15

shruiken15

Posted
Posted
1 minute ago, Porthos said:

If you have not done so, please make the following change in Malwarebytes to enable Defender to run alongside MB. Between what is still enabled in Malwarebytes, you should be fine.

image.png.e2aec9cfd1933fe8c146be24a8f78d44.png

 

Yes, I have that feature enabled. Thank you for your patience and understanding!

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
3 minutes ago, shruiken15 said:

What does disabling Windows Defender registering Malwarebytes do, functionally?

 

20 minutes ago, Porthos said:

enable Defender to run alongside MB.

You will now have both Defender and Malwarebytes protecting your system. My clients have been using that setup for years.

  • Like 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.